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DETAILED ACTION 



1. 



Claims 1-24 are pending. 



Claim Rejections - 35 USC § 101 



1. Claims 1-16 are rejected under 35 U.S.C. 101 because the claims are directed 
towards nonstatutory subject matter. 

2. With regards to claims 1-8, the cited claims are an example of functional 
descriptive material consisting of data structures and programs that impart functionality 
when employed as executed by a computer component. The functionality of functional 
descriptive material is realized only when the functional descriptive material is claimed 
as being embodied on a computer readable medium and is claimed as executed by a 
computer component. The cited claims provide no tangible computer components that 
work in conjunction with the functional descriptive material to impart functionality and as 
a result the claims are not statutory because they fail the practical application 
requirement of § 101 by failing to provide a useful, concrete, and tangible result (see 
MPEP2106). 

3. With regards to claims 1-8 and 9-16, the claimed medium (claims 1-8) and the 
claimed "means" is defined by the specification as being a modulated carrier signal in 
certain embodiments (Specification, page 7). A signal is an intangible medium and thus 
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the claims fail the practical application requirement of 35 (JSC 101 by failing to provide a 
use, concrete, and tangible result. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

2. Claims 1-7, 9-15, and 17-23 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Win et al US Patent No. 6,453,353 in view of Gillett et al US Patent 
No. 6,760,711. 

3. With regards to claims 1, 9, 17, Win teaches a computer program product, 
system, and method for implementing electronic commerce systems comprising a web 
site being accessible by one or more users (Win, column 4 lines 20-30 and 34-67, web 
server with components stored on physical server), the computer readable code means 
representing the users (Win, column 5 lines 12-15, registered users, column 4 lines 45- 
51), each user being associated with a unique identity in the system (Win, column 6 
lines 1-10, users associated with a particular login, column 6 lines 40-45, associated 
with a particular username), computer readable program code means for associating a 
user identity with one of a set of access roles for a security domain (Win, column 5 lines 
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44-54, associates each user with access rights defined by their role), the access role 
defining access privileges for the user corresponding to the user identity (Win, column 5 
lines 44-54, associates each user with access rights defined by their role), computer 
readable program code means for granting or denying access to a user attempting to 
access a portion of the web site by determining the user identity for the user (Win, 
column 8 lines 10-16, grants access based upon the user identity, column 3 lines 1-6, 
denies access based on user identity, column 8 lines 36-46) and determining the 
access role associated with the user identity for the security domain corresponding to 
the portion of the web site subject to the access attempt (Win, column 6 lines 10-16). 
Win fails to teach the security domains comprising a subset of the set of organizations 
and the on-line stores associated with the organizations in the subset. However, Gillett 
teaches security domains comprising a subset of the set of organizations and the on- 
line stores associated with the organizations in the subset (Gillett, column 3 lines 28-60, 
online stores, column 4 lines 1-10, column 8 lines 20-40). At the time the invention was 
made, it would have been obvious to a person of ordinary skill in the art to utilize 
Gillett's organizational design using online stores because it offers the advantage of 
allowing small merchants to set up online stores while having a centralized ISP provide 
the security and maintenance of the websites thereby diminishing the threat of misuse 
of information (Gillett, column 1 lines 35-62 and column 1 lines 1-15). 
4. With regards to claims 2, 10, and 18, Win as modified teaches carrying out the 
determination of the access role associated with a user identity for a security domain at 
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user logon time (Win, column 6 lines 10-16, when logging in, authorized resources are 
determined and presented to user). 

5. With regards to claims 3, 11, and 19, Win as modified teaches the set of 
access roles comprising registered customers and administrator roles (Win, column 4 
lines 44-50, roles include users and administrators, column 5 lines 20-33, users include 
the role of customer, column 16 lines 3-12). 

6. With regards to claims 4-6, 12-14, and 20-22, Win as modified teaches 
computer readable program code means operable to define the set of organizations as 
a tree structure (Gillett, Figure 1 , tree structure with ISP 26 as root and merchant 
computers 24 as leaves. Win, column 5 lines 20-32 and lines 55-56, functional groups 
of roles own lesser roles), in which the computer readable program code means for 
associating a user identity with one of a set of access roles further comprises computer 
readable program code means for associating the user identity with the access role for 
a selected one of the set of organizations (Win, column 5 lines 24-29, associates users 
with a particular organization) and computer readable program code means for defining 
the security domain to include the selected organization (Win, column 5 lines 33-39) 
and those organizations in the set that are descendants of the selected organization 
(Win, column 5 lines 54-56). 

7. With regards to claims 7, 15, and 23, Win as modified teaches computer 
readable program code means for maintaining and providing look up functionality for a 
table (Win, column 13 lines 50-52, database tables, column 15 lines 44-46, table of user 
names and user types and look up functionality provided by Registry Repository) 
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comprising rows comprising data representing user identity, organization, and access 
, role associations (Win, column 16 lines 46-53, record includes name, role, and 
privileges). 

8. Claims 8, 16, and 24 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Win et al US Patent No. 6,453,353.and Gillett et al US Patent No. 
6,760,71 1 , as applied to claims 1 , 9, and 1 7 above, and in further view of Aull et al US 
Patent No. 7,028,180. 

9. With regards to claims 8, 16, and 24, Win as modified fails to teach computer 
readable program code means for providing user identities with associated access roles 
at user registration to a website. However, Aull teaches computer readable program 
code means for providing user identities with associated access roles at user 
registration to a website (Aull, column 9 lines 6-21 , registers using web server and 
receives role certificate). At the time the invention was made, it would have been 
obvious to a person of ordinary skill in the art to utilize Aull's registration method 
because it offers the advantage of providing a method by which all parties involved may 
give their approval to the granting of a role to a user (Aull, column 9 lines 1 0-21 ). 

Conclusion 



10. The prior art made of record and not relied upon is considered pertinent to 
applicants disclosure. 
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11. Moriconi et al US Patent No. 6,158,010 discloses a system for maintaining 
security in a distributed computer network. 

12. Soderlind et al US PGPub 2002/0069123 discloses an electronic commerce 
system. 

13. Dan et al US Patent No. 7,062,472 discloses an electronic contracts system with 
primary and sponsored roles. 

14. Goswami et al US PGPub 2004/0205554 discloses a system for accessing 
multiple internal information sources of a business from a composite web document. 

15. Schummer US PGPub 2001/0032154 discloses an Internet communications and 
e-commerce platform. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Andrew L. Nalven whose telephone number is 571 272 
3839. The examiner can normally be reached on Monday - Thursday 8-6, Alternate 
Fridays. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kambiz Zand can be reached on 571 272 3811. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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